Backing up the Pacemaker cluster configuration preserves resource definitions, constraints, and fencing settings before maintenance, upgrades, or troubleshooting. A recent archive helps recover quickly from accidental changes and supports rebuilding a node without recreating the cluster configuration by hand.
In a Pacemaker cluster, the active configuration is stored in the Cluster Information Base (CIB) and propagated across nodes through the cluster stack (commonly Corosync). The pcs tool can retrieve the current cluster state and package the relevant configuration into a single backup archive for later restoration.
Backup archives can include sensitive data such as pcsd authentication material and fencing agent secrets, so storage should be restricted and treated like credentials. The backup represents configuration at the time of creation rather than a full operating system snapshot, and restore operations are safest when performed with compatible pcs and Pacemaker versions.
Steps to back up Pacemaker cluster configuration:
- Create a root-only directory to store cluster configuration backup archives.
$ sudo install -d -m 0700 /var/backups/pacemaker
Using /var/backups/pacemaker keeps the archive out of world-writable locations and restricts access to root.
- Create a configuration backup archive.
$ sudo pcs config backup /var/backups/pacemaker/pacemaker-config-backup.tar.bz2
The backup archive can include sensitive credentials and fencing secrets.
- Verify the archive was created with restrictive permissions.
$ sudo ls -lh /var/backups/pacemaker/pacemaker-config-backup.tar.bz2 -rw------- 1 root root 2.2K Dec 31 08:27 /var/backups/pacemaker/pacemaker-config-backup.tar.bz2
- List the archive contents to confirm cluster configuration files were captured.
$ sudo tar -tjf /var/backups/pacemaker/pacemaker-config-backup.tar.bz2 version.txt cib.xml corosync_authkey pacemaker_authkey corosync.conf uidgid.d/
Archive layout can differ by pcs version, but the presence of the CIB and cluster stack configuration indicates a usable backup.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
